Symfony 2: How do I check if a user is not logged in inside a template?
Solution 1
You can check if app.user is set.
{% if app.user %}
# user is logged in
{% else %}
# user is not logged in
{% endif %}
Solution 2
Although the current answer answers the OP's question, I would like to add more details.
I understand the OP did not want to check roles, but I am including them so other SO users can copy and paste from this in the future. - everytime I google this, I end up here!
Symfony Doc Sources:
- http://symfony.com/doc/current/book/security.html
- http://symfony.com/doc/current/cookbook/security/remember_me.html
Check if any user logged in (regardless of role)
As answered, you can use app.user to check if any user is logged in.
{% if app.user %}
# user is logged in (any and all users, regardless of ROLE_*)
{% elseif not app.user %}
# user is not logged in (note the `not` in the `elseif` statement)
{% endif %}
Checking authentication status
You can use the is_granted() method to check for ROLES, (The below are all roles assigned by symfony, You may also have you own roles (more below))
{% if is_granted('IS_AUTHENTICATED_FULLY') %}
# This user entered their credentials THIS session
{% elseif is_granted('IS_AUTHENTICATED_REMEMBERED') %}
# User logged in via a cookie (ie: Auth again before doing sensitive things)
{% elseif is_granted('IS_AUTHENTICATED_ANONYMOUSLY') %}
# This is a `guest` or anonymous user
{% endif %}
from the docs:
IS_AUTHENTICATED_ANONYMOUSLY - automatically assigned to a user who is in a firewall protected part of the site but who has not actually logged in. This is only possible if anonymous access has been allowed.
IS_AUTHENTICATED_REMEMBERED - automatically assigned to a user who was authenticated via a remember me cookie.
IS_AUTHENTICATED_FULLY - automatically assigned to a user that has provided their login details during the current session.
Checking Roles
You can also use is_granted() to check for roles.
Assuming we have 3 roles (ROLE_SUPER_ADMIN, ROLE_ADMIN, & ROLE_USER)
{% if is_granted('ROLE_SUPER_ADMIN') -%}
# You're `ROLE_SUPER_ADMIN`
{% elseif is_granted('ROLE_ADMIN') -%}
# You're `ROLE_ADMIN`
{% elseif is_granted('ROLE_USER') -%}
# You're `ROLE_USER`
{% else %}
# You're a `nobody` ;P
{%- endif %}
Doing the above inside a controller
View the following answer: How to check if an user is logged in Symfony2 inside a controller?
Related videos on Youtube
09 : 20
14 : 20
38 : 27
09 : 06
![🔑 Symfony Authentication Tutorial | 👤 Authenticating Users | Login Form - Symfony Workshop [2021]](https://i.ytimg.com/vi/dMVRcwlqJZE/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLAyS35NX_WBgdUxtXm55DWqay0-Ig)
12 : 36
![Symfony Security 100 Minute Lesson: Authentication, Register Users, Passwords, Access Control [2021]](https://i.ytimg.com/vi/XjbIDOIoXTo/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLAYSyV37zmfAOUNOZsrO-o5m38VjA)
01 : 43 : 30
![🔑 Symfony Authentication Tutorial Part 2 | Validating Passwords + Login and Redirect [2021]](https://i.ytimg.com/vi/f2luGDobqdA/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLADAT2iJ_Oc52Hez2Uix387ylvcEw)
14 : 02
16 : 26
07 : 44
Tool
Updated on June 11, 2020Comments
-
Tool almost 4 years
In Symfony 2 templates (using Twig), how can I effectively check whether a user is not logged in?
I don't want to use
ROLEchecks. I want a straightforward way to check if a user is not logged in.I'm aware that comparing
app.user.usernamewithanonworks, but that just doesn't feel right to me. -
Mac_Cain13 over 11 yearsNote that if you want to check if the user is NOT logged in you can use:
{% if not app.user %} -
Ronan over 10 yearsUse
{% if is_granted('IS_AUTHENTICATED_FULLY') %}instead. See Symfony2 doc : symfony.com/doc/current/book/…. Also available for Silex : silex.sensiolabs.org/doc/providers/… -
RayOnAir about 10 years@Ronan
{% if is_granted('IS_AUTHENTICATED_FULLY') %}will only return true if the user has authenticated in the current session. It will return false if the user authenticated via a remember me cookie. Using{% if app.user %}is correct, if one wants to return true regardless of when the user authenticated. -
Harold almost 10 years@Ronan, that doesn't work as it results in the following error: No Authentication Provider found for token of class "Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken". -
V-Light over 9 yearsI'm just curious... what
-%}and{%-stands for ? why not%}and{%? -
Anil over 9 yearsThe-removes all trailing whitespace so that it's more readable in the browser source source. More info here: twig.sensiolabs.org/doc/templates.html#whitespace-control -
Sebastian G. Marinescu over 8 years{% if app.security.token is null or app.security.token.user == 'anon.' %}that's how I got it working for me -
pzaj about 7 yearsForgive me for bringing this old question to live again, but I think I read somewhere that app.user will not be null for anonymous users, isn't that correct? Wouldn't that mean that check for app.user is not sufficient?
-
pzaj about 7 years@Anil symfony.com/doc/2.8/templating/app_variable.html second parameter described is
app.user, going like thatThe value stored in this variable can be a UserInterface object, any other object which implements a __toString() method or even a regular string.. I don't remember where I read that app.user returns "anon." string unfortunately and under what circumstances. -
Anil about 7 years@user1970395 The first line in the docs read
The representation of the current user or null if there is none., so it will be null. A third party bundle could return a string if it's customUserInterfaceimplementation has a__toString()method which is called when anonymous.
